1 /*
2    BlueZ - Bluetooth protocol stack for Linux
3    Copyright (C) 2000-2001 Qualcomm Incorporated
4 
5    Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6 
7    This program is free software; you can redistribute it and/or modify
8    it under the terms of the GNU General Public License version 2 as
9    published by the Free Software Foundation;
10 
11    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19 
20    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22    SOFTWARE IS DISCLAIMED.
23 */
24 
25 /* Bluetooth address family and sockets. */
26 
27 #include <linux/module.h>
28 
29 #include <linux/types.h>
30 #include <linux/list.h>
31 #include <linux/errno.h>
32 #include <linux/kernel.h>
33 #include <linux/sched.h>
34 #include <linux/skbuff.h>
35 #include <linux/init.h>
36 #include <linux/poll.h>
37 #include <net/sock.h>
38 #include <asm/ioctls.h>
39 #include <linux/kmod.h>
40 
41 #include <net/bluetooth/bluetooth.h>
42 
43 #define VERSION "2.16"
44 
45 /* Bluetooth sockets */
46 #define BT_MAX_PROTO	8
47 static const struct net_proto_family *bt_proto[BT_MAX_PROTO];
48 static DEFINE_RWLOCK(bt_proto_lock);
49 
50 static struct lock_class_key bt_lock_key[BT_MAX_PROTO];
51 static const char *const bt_key_strings[BT_MAX_PROTO] = {
52 	"sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP",
53 	"sk_lock-AF_BLUETOOTH-BTPROTO_HCI",
54 	"sk_lock-AF_BLUETOOTH-BTPROTO_SCO",
55 	"sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM",
56 	"sk_lock-AF_BLUETOOTH-BTPROTO_BNEP",
57 	"sk_lock-AF_BLUETOOTH-BTPROTO_CMTP",
58 	"sk_lock-AF_BLUETOOTH-BTPROTO_HIDP",
59 	"sk_lock-AF_BLUETOOTH-BTPROTO_AVDTP",
60 };
61 
62 static struct lock_class_key bt_slock_key[BT_MAX_PROTO];
63 static const char *const bt_slock_key_strings[BT_MAX_PROTO] = {
64 	"slock-AF_BLUETOOTH-BTPROTO_L2CAP",
65 	"slock-AF_BLUETOOTH-BTPROTO_HCI",
66 	"slock-AF_BLUETOOTH-BTPROTO_SCO",
67 	"slock-AF_BLUETOOTH-BTPROTO_RFCOMM",
68 	"slock-AF_BLUETOOTH-BTPROTO_BNEP",
69 	"slock-AF_BLUETOOTH-BTPROTO_CMTP",
70 	"slock-AF_BLUETOOTH-BTPROTO_HIDP",
71 	"slock-AF_BLUETOOTH-BTPROTO_AVDTP",
72 };
73 
bt_sock_reclassify_lock(struct socket * sock,int proto)74 static inline void bt_sock_reclassify_lock(struct socket *sock, int proto)
75 {
76 	struct sock *sk = sock->sk;
77 
78 	if (!sk)
79 		return;
80 
81 	BUG_ON(sock_owned_by_user(sk));
82 
83 	sock_lock_init_class_and_name(sk,
84 			bt_slock_key_strings[proto], &bt_slock_key[proto],
85 				bt_key_strings[proto], &bt_lock_key[proto]);
86 }
87 
bt_sock_register(int proto,const struct net_proto_family * ops)88 int bt_sock_register(int proto, const struct net_proto_family *ops)
89 {
90 	int err = 0;
91 
92 	if (proto < 0 || proto >= BT_MAX_PROTO)
93 		return -EINVAL;
94 
95 	write_lock(&bt_proto_lock);
96 
97 	if (bt_proto[proto])
98 		err = -EEXIST;
99 	else
100 		bt_proto[proto] = ops;
101 
102 	write_unlock(&bt_proto_lock);
103 
104 	return err;
105 }
106 EXPORT_SYMBOL(bt_sock_register);
107 
bt_sock_unregister(int proto)108 int bt_sock_unregister(int proto)
109 {
110 	int err = 0;
111 
112 	if (proto < 0 || proto >= BT_MAX_PROTO)
113 		return -EINVAL;
114 
115 	write_lock(&bt_proto_lock);
116 
117 	if (!bt_proto[proto])
118 		err = -ENOENT;
119 	else
120 		bt_proto[proto] = NULL;
121 
122 	write_unlock(&bt_proto_lock);
123 
124 	return err;
125 }
126 EXPORT_SYMBOL(bt_sock_unregister);
127 
bt_sock_create(struct net * net,struct socket * sock,int proto,int kern)128 static int bt_sock_create(struct net *net, struct socket *sock, int proto,
129 			  int kern)
130 {
131 	int err;
132 
133 	if (net != &init_net)
134 		return -EAFNOSUPPORT;
135 
136 	if (proto < 0 || proto >= BT_MAX_PROTO)
137 		return -EINVAL;
138 
139 	if (!bt_proto[proto])
140 		request_module("bt-proto-%d", proto);
141 
142 	err = -EPROTONOSUPPORT;
143 
144 	read_lock(&bt_proto_lock);
145 
146 	if (bt_proto[proto] && try_module_get(bt_proto[proto]->owner)) {
147 		err = bt_proto[proto]->create(net, sock, proto, kern);
148 		bt_sock_reclassify_lock(sock, proto);
149 		module_put(bt_proto[proto]->owner);
150 	}
151 
152 	read_unlock(&bt_proto_lock);
153 
154 	return err;
155 }
156 
bt_sock_link(struct bt_sock_list * l,struct sock * sk)157 void bt_sock_link(struct bt_sock_list *l, struct sock *sk)
158 {
159 	write_lock_bh(&l->lock);
160 	sk_add_node(sk, &l->head);
161 	write_unlock_bh(&l->lock);
162 }
163 EXPORT_SYMBOL(bt_sock_link);
164 
bt_sock_unlink(struct bt_sock_list * l,struct sock * sk)165 void bt_sock_unlink(struct bt_sock_list *l, struct sock *sk)
166 {
167 	write_lock_bh(&l->lock);
168 	sk_del_node_init(sk);
169 	write_unlock_bh(&l->lock);
170 }
171 EXPORT_SYMBOL(bt_sock_unlink);
172 
bt_accept_enqueue(struct sock * parent,struct sock * sk)173 void bt_accept_enqueue(struct sock *parent, struct sock *sk)
174 {
175 	BT_DBG("parent %p, sk %p", parent, sk);
176 
177 	sock_hold(sk);
178 	list_add_tail(&bt_sk(sk)->accept_q, &bt_sk(parent)->accept_q);
179 	bt_sk(sk)->parent = parent;
180 	parent->sk_ack_backlog++;
181 }
182 EXPORT_SYMBOL(bt_accept_enqueue);
183 
bt_accept_unlink(struct sock * sk)184 void bt_accept_unlink(struct sock *sk)
185 {
186 	BT_DBG("sk %p state %d", sk, sk->sk_state);
187 
188 	list_del_init(&bt_sk(sk)->accept_q);
189 	bt_sk(sk)->parent->sk_ack_backlog--;
190 	bt_sk(sk)->parent = NULL;
191 	sock_put(sk);
192 }
193 EXPORT_SYMBOL(bt_accept_unlink);
194 
bt_accept_dequeue(struct sock * parent,struct socket * newsock)195 struct sock *bt_accept_dequeue(struct sock *parent, struct socket *newsock)
196 {
197 	struct list_head *p, *n;
198 	struct sock *sk;
199 
200 	BT_DBG("parent %p", parent);
201 
202 	local_bh_disable();
203 	list_for_each_safe(p, n, &bt_sk(parent)->accept_q) {
204 		sk = (struct sock *) list_entry(p, struct bt_sock, accept_q);
205 
206 		bh_lock_sock(sk);
207 
208 		/* FIXME: Is this check still needed */
209 		if (sk->sk_state == BT_CLOSED) {
210 			bh_unlock_sock(sk);
211 			bt_accept_unlink(sk);
212 			continue;
213 		}
214 
215 		if (sk->sk_state == BT_CONNECTED || !newsock ||
216 						bt_sk(parent)->defer_setup) {
217 			bt_accept_unlink(sk);
218 			if (newsock)
219 				sock_graft(sk, newsock);
220 
221 			bh_unlock_sock(sk);
222 			local_bh_enable();
223 			return sk;
224 		}
225 
226 		bh_unlock_sock(sk);
227 	}
228 	local_bh_enable();
229 
230 	return NULL;
231 }
232 EXPORT_SYMBOL(bt_accept_dequeue);
233 
bt_sock_recvmsg(struct kiocb * iocb,struct socket * sock,struct msghdr * msg,size_t len,int flags)234 int bt_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
235 				struct msghdr *msg, size_t len, int flags)
236 {
237 	int noblock = flags & MSG_DONTWAIT;
238 	struct sock *sk = sock->sk;
239 	struct sk_buff *skb;
240 	size_t copied;
241 	int err;
242 
243 	BT_DBG("sock %p sk %p len %zu", sock, sk, len);
244 
245 	if (flags & (MSG_OOB))
246 		return -EOPNOTSUPP;
247 
248 	skb = skb_recv_datagram(sk, flags, noblock, &err);
249 	if (!skb) {
250 		if (sk->sk_shutdown & RCV_SHUTDOWN)
251 			return 0;
252 		return err;
253 	}
254 
255 	msg->msg_namelen = 0;
256 
257 	copied = skb->len;
258 	if (len < copied) {
259 		msg->msg_flags |= MSG_TRUNC;
260 		copied = len;
261 	}
262 
263 	skb_reset_transport_header(skb);
264 	err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
265 	if (err == 0)
266 		sock_recv_ts_and_drops(msg, sk, skb);
267 
268 	skb_free_datagram(sk, skb);
269 
270 	return err ? : copied;
271 }
272 EXPORT_SYMBOL(bt_sock_recvmsg);
273 
bt_sock_data_wait(struct sock * sk,long timeo)274 static long bt_sock_data_wait(struct sock *sk, long timeo)
275 {
276 	DECLARE_WAITQUEUE(wait, current);
277 
278 	add_wait_queue(sk_sleep(sk), &wait);
279 	for (;;) {
280 		set_current_state(TASK_INTERRUPTIBLE);
281 
282 		if (!skb_queue_empty(&sk->sk_receive_queue))
283 			break;
284 
285 		if (sk->sk_err || (sk->sk_shutdown & RCV_SHUTDOWN))
286 			break;
287 
288 		if (signal_pending(current) || !timeo)
289 			break;
290 
291 		set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
292 		release_sock(sk);
293 		timeo = schedule_timeout(timeo);
294 		lock_sock(sk);
295 		clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
296 	}
297 
298 	__set_current_state(TASK_RUNNING);
299 	remove_wait_queue(sk_sleep(sk), &wait);
300 	return timeo;
301 }
302 
bt_sock_stream_recvmsg(struct kiocb * iocb,struct socket * sock,struct msghdr * msg,size_t size,int flags)303 int bt_sock_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
304 			       struct msghdr *msg, size_t size, int flags)
305 {
306 	struct sock *sk = sock->sk;
307 	int err = 0;
308 	size_t target, copied = 0;
309 	long timeo;
310 
311 	if (flags & MSG_OOB)
312 		return -EOPNOTSUPP;
313 
314 	msg->msg_namelen = 0;
315 
316 	BT_DBG("sk %p size %zu", sk, size);
317 
318 	lock_sock(sk);
319 
320 	target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
321 	timeo  = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
322 
323 	do {
324 		struct sk_buff *skb;
325 		int chunk;
326 
327 		skb = skb_dequeue(&sk->sk_receive_queue);
328 		if (!skb) {
329 			if (copied >= target)
330 				break;
331 
332 			err = sock_error(sk);
333 			if (err)
334 				break;
335 			if (sk->sk_shutdown & RCV_SHUTDOWN)
336 				break;
337 
338 			err = -EAGAIN;
339 			if (!timeo)
340 				break;
341 
342 			timeo = bt_sock_data_wait(sk, timeo);
343 
344 			if (signal_pending(current)) {
345 				err = sock_intr_errno(timeo);
346 				goto out;
347 			}
348 			continue;
349 		}
350 
351 		chunk = min_t(unsigned int, skb->len, size);
352 		if (memcpy_toiovec(msg->msg_iov, skb->data, chunk)) {
353 			skb_queue_head(&sk->sk_receive_queue, skb);
354 			if (!copied)
355 				copied = -EFAULT;
356 			break;
357 		}
358 		copied += chunk;
359 		size   -= chunk;
360 
361 		sock_recv_ts_and_drops(msg, sk, skb);
362 
363 		if (!(flags & MSG_PEEK)) {
364 			skb_pull(skb, chunk);
365 			if (skb->len) {
366 				skb_queue_head(&sk->sk_receive_queue, skb);
367 				break;
368 			}
369 			kfree_skb(skb);
370 
371 		} else {
372 			/* put message back and return */
373 			skb_queue_head(&sk->sk_receive_queue, skb);
374 			break;
375 		}
376 	} while (size);
377 
378 out:
379 	release_sock(sk);
380 	return copied ? : err;
381 }
382 EXPORT_SYMBOL(bt_sock_stream_recvmsg);
383 
bt_accept_poll(struct sock * parent)384 static inline unsigned int bt_accept_poll(struct sock *parent)
385 {
386 	struct list_head *p, *n;
387 	struct sock *sk;
388 
389 	list_for_each_safe(p, n, &bt_sk(parent)->accept_q) {
390 		sk = (struct sock *) list_entry(p, struct bt_sock, accept_q);
391 		if (sk->sk_state == BT_CONNECTED ||
392 					(bt_sk(parent)->defer_setup &&
393 						sk->sk_state == BT_CONNECT2))
394 			return POLLIN | POLLRDNORM;
395 	}
396 
397 	return 0;
398 }
399 
bt_sock_poll(struct file * file,struct socket * sock,poll_table * wait)400 unsigned int bt_sock_poll(struct file *file, struct socket *sock, poll_table *wait)
401 {
402 	struct sock *sk = sock->sk;
403 	unsigned int mask = 0;
404 
405 	BT_DBG("sock %p, sk %p", sock, sk);
406 
407 	poll_wait(file, sk_sleep(sk), wait);
408 
409 	if (sk->sk_state == BT_LISTEN)
410 		return bt_accept_poll(sk);
411 
412 	if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue))
413 		mask |= POLLERR;
414 
415 	if (sk->sk_shutdown & RCV_SHUTDOWN)
416 		mask |= POLLRDHUP | POLLIN | POLLRDNORM;
417 
418 	if (sk->sk_shutdown == SHUTDOWN_MASK)
419 		mask |= POLLHUP;
420 
421 	if (!skb_queue_empty(&sk->sk_receive_queue))
422 		mask |= POLLIN | POLLRDNORM;
423 
424 	if (sk->sk_state == BT_CLOSED)
425 		mask |= POLLHUP;
426 
427 	if (sk->sk_state == BT_CONNECT ||
428 			sk->sk_state == BT_CONNECT2 ||
429 			sk->sk_state == BT_CONFIG)
430 		return mask;
431 
432 	if (sock_writeable(sk))
433 		mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
434 	else
435 		set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
436 
437 	return mask;
438 }
439 EXPORT_SYMBOL(bt_sock_poll);
440 
bt_sock_ioctl(struct socket * sock,unsigned int cmd,unsigned long arg)441 int bt_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
442 {
443 	struct sock *sk = sock->sk;
444 	struct sk_buff *skb;
445 	long amount;
446 	int err;
447 
448 	BT_DBG("sk %p cmd %x arg %lx", sk, cmd, arg);
449 
450 	switch (cmd) {
451 	case TIOCOUTQ:
452 		if (sk->sk_state == BT_LISTEN)
453 			return -EINVAL;
454 
455 		amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
456 		if (amount < 0)
457 			amount = 0;
458 		err = put_user(amount, (int __user *) arg);
459 		break;
460 
461 	case TIOCINQ:
462 		if (sk->sk_state == BT_LISTEN)
463 			return -EINVAL;
464 
465 		lock_sock(sk);
466 		skb = skb_peek(&sk->sk_receive_queue);
467 		amount = skb ? skb->len : 0;
468 		release_sock(sk);
469 		err = put_user(amount, (int __user *) arg);
470 		break;
471 
472 	case SIOCGSTAMP:
473 		err = sock_get_timestamp(sk, (struct timeval __user *) arg);
474 		break;
475 
476 	case SIOCGSTAMPNS:
477 		err = sock_get_timestampns(sk, (struct timespec __user *) arg);
478 		break;
479 
480 	default:
481 		err = -ENOIOCTLCMD;
482 		break;
483 	}
484 
485 	return err;
486 }
487 EXPORT_SYMBOL(bt_sock_ioctl);
488 
bt_sock_wait_state(struct sock * sk,int state,unsigned long timeo)489 int bt_sock_wait_state(struct sock *sk, int state, unsigned long timeo)
490 {
491 	DECLARE_WAITQUEUE(wait, current);
492 	int err = 0;
493 
494 	BT_DBG("sk %p", sk);
495 
496 	add_wait_queue(sk_sleep(sk), &wait);
497 	while (sk->sk_state != state) {
498 		set_current_state(TASK_INTERRUPTIBLE);
499 
500 		if (!timeo) {
501 			err = -EINPROGRESS;
502 			break;
503 		}
504 
505 		if (signal_pending(current)) {
506 			err = sock_intr_errno(timeo);
507 			break;
508 		}
509 
510 		release_sock(sk);
511 		timeo = schedule_timeout(timeo);
512 		lock_sock(sk);
513 
514 		err = sock_error(sk);
515 		if (err)
516 			break;
517 	}
518 	set_current_state(TASK_RUNNING);
519 	remove_wait_queue(sk_sleep(sk), &wait);
520 	return err;
521 }
522 EXPORT_SYMBOL(bt_sock_wait_state);
523 
524 static struct net_proto_family bt_sock_family_ops = {
525 	.owner	= THIS_MODULE,
526 	.family	= PF_BLUETOOTH,
527 	.create	= bt_sock_create,
528 };
529 
bt_init(void)530 static int __init bt_init(void)
531 {
532 	int err;
533 
534 	BT_INFO("Core ver %s", VERSION);
535 
536 	err = bt_sysfs_init();
537 	if (err < 0)
538 		return err;
539 
540 	err = sock_register(&bt_sock_family_ops);
541 	if (err < 0) {
542 		bt_sysfs_cleanup();
543 		return err;
544 	}
545 
546 	BT_INFO("HCI device and connection manager initialized");
547 
548 	err = hci_sock_init();
549 	if (err < 0)
550 		goto error;
551 
552 	err = l2cap_init();
553 	if (err < 0)
554 		goto sock_err;
555 
556 	err = sco_init();
557 	if (err < 0) {
558 		l2cap_exit();
559 		goto sock_err;
560 	}
561 
562 	return 0;
563 
564 sock_err:
565 	hci_sock_cleanup();
566 
567 error:
568 	sock_unregister(PF_BLUETOOTH);
569 	bt_sysfs_cleanup();
570 
571 	return err;
572 }
573 
bt_exit(void)574 static void __exit bt_exit(void)
575 {
576 
577 	sco_exit();
578 
579 	l2cap_exit();
580 
581 	hci_sock_cleanup();
582 
583 	sock_unregister(PF_BLUETOOTH);
584 
585 	bt_sysfs_cleanup();
586 }
587 
588 subsys_initcall(bt_init);
589 module_exit(bt_exit);
590 
591 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
592 MODULE_DESCRIPTION("Bluetooth Core ver " VERSION);
593 MODULE_VERSION(VERSION);
594 MODULE_LICENSE("GPL");
595 MODULE_ALIAS_NETPROTO(PF_BLUETOOTH);
596